WailingCrab malware, which originates from threat actor TA544, is using delivery-themed emails to infect hosts, subsequent to which it deploys a backdoor, allowing the C2 server to send more payloads. The malware utilises a lightweight messaging protocol, MQTT, and has switched from using Discord to MQTT for stealth and detection evasion. Components of the malware are stored on platforms like Discord.
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email – CyberSecurityNews
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email CyberSecurityNews
